Details

Many people use the same password for different online accounts. Even if the password is very strong, hackers don't need to break into your very secure financial and other important accounts directly. They can attack a weaker website, such as a web forum or subscription service, and use the password they stole from that website's database to steal your identity and log into any of your online accounts.

Both physical and electronic security are difficult skills to master, but most would agree that it's a bad idea to use a single key for every real-world lock you own. So why would you use the same digital key for all of your electronic locks? Many people complain that it is difficult to remember multiple passwords; in the real-world, you don't need to remember how every key on your keychain looks like. So I thought: what if you could have a keychain that keeps your digital keys for you? Zamek is the answer.

I turned to the physical keychain for inspiration, as a physical keychain is already very easy to use. When you need to unlock something, you choose the right key, insert it into the lock, and turn.

Zamek was designed to open your electronic locks as easily as a regular key opens physical locks, with an additional layer of security in case someone other than yourself picks up your digital keychain. The process can be described as:

1. Unlock your Zamek using a security PIN you choose

2. Use Zamek's joystick to change the account displayed on its screen to the one you wish to unlock

3. Insert the Zamek into your computer's USB port

4. Press the joystick to enter the password for the account

Zamek will type in the currently selected password into any field on your screen you select. If there is no USB port available, you can read the password for the account on Zamek's highly visible OLED screen and type it in manually.

Entering your account information into Zamek is intuitive and simple. After you enter your information once, it is stored permanently on Zamek's built-in memory. Your information is encrypted with an industry-recognized AES cipher, which means that if your Zamek is ever stolen, criminals will not be able to extract your information.

Zamek was designed to be your electronic key to the digital world. Smaller than a car remote, it easily clips to your keychain and can be carried everywhere. It features a highly visible screen and a long battery life, which is topped up every time you plug Zamek into your USB port. The joystick is comfortable to use, and the interface is intuitive enough to not require an instruction manual after the first set-up. Additional features currently in consideration are secure formatting and backup/restore options.

All the code and schematics for Zamek will be published under an Open Source license. This mean that anyone can read, validate, and critique the design of any part of the Zamek openly. My desire is that the Open Source process will lead to a device which is ultimately more secure, completely trusted, and reproducible in case I am not able to produce these in the future.

Lastly, Zamek is completely yours to own and use. It protects your data in a personal, respectful, and dignified manner: Zamek does not "phone home" to any remote servers, and it does not store any information anywhere other than its secure memory. Your information will never be anywhere but in your pocket.

After a ton of excellent feedback regarding IP68 protection, I have decided to use buttons instead of a trackball for the initial version of the Zamek. I will keep the code for the trackball in comments and possibly revisit it for version 2, but right now my priority is to get this out the door soon!

Exciting news! After much waiting, I've finally found an easily source-able battery to use for the Zamek, meaning I can finally fit together an attractive case :) The first draft of the case has been sent to Ponoko; stay tuned!

Some background: Zamek has been on hold for a while as I searched for ways to easily create a case that fit around the strange shape consisting of the Screen/Battery/PCB sandwich with the trackball right next to it. Every solution that was attempted was either ugly or impractical to produce.

I recently got my hands on some ultra-thin batteries, only 1.5mm thick! These guys don't hold a lot of juice ( 30mAh ), but my calculations estimate that that's enough to check your password about 700 times before you need to top up ( 15 seconds of on-time at 10mA avg draw ). I'm working with the battery manufacturer to see if we can push the charging rate of the battery up to 2 or even 4C, so the battery could be charged in a matter of minutes. Case parts should be in early next week, next update then!

After some back and forths with designing the case, I realized that it would be much easier to produce the device if I re-engineered some of the sticking points around the previous design. So I cleaned up the entire back of the circuit board so that it can sit flush up against the housing. I also added a trackball for faster and more accurate navigation.

A bare ATMega32u4 has 1KB of EEPROM. This means that by itself, it can store 20 typical account entries (consisting of a 16 character site name, a 16 character user name, and a 16 character password). In order to expand this repository, I have added on a footprint for common EEPROM chips. This will allow up to 100 accounts to be stored!

I'm also starting to think of ways to implement an additional layer of security to secure the EEPROM payload against brute-forcing attacks. This usually means taking the route of longer keys and/or longer computation time. I thought about all the literature I've read on the subject and parsed through chat logs with the excellent folks on the Hacker Channel chat, and am thinking about writing a method to encrypt the EEPROM with a very long key that would be stored in the microcontroller's RAM. This key would itself be encrypted with the relatively shorter PIN. This means that if an attacker simply tries to dump the EEPROM, they would be met with a very resistant payload. If the attacker were to try to dump the RAM, they would likely erase the contents of the RAM in the process (I'll give the chip a warm jacket in case security researchers try to freeze the chip ;) ).

Enjoy this project?

Discussions

Become a member

I've been doing some research for my very own password manager and came across the PBKDF2 algorithm which might be useful to you. It runs your password through a hashing algorithm many times to take a reasonably long time to compute. The function also accepts a salt which allows you to use a string to create different passwords for the same pin. In this device the salt could be the website name.

As an example WPA2 WiFi security uses PBKDF2 with 4096 iterations*. For an 8 bit 16MHz microcontroller you would probably need a lot fewer iterations otherwise it would take several minutes to calculate your password. Alternatively you could use a more powerful microcontroller.

I think this is great, thank you! I'm looking through every possibility, and while the device can (now) generate random passwords too, I'll look into this as an alternative to on-the-fly en/decryption :) I may end up swapping out the atmega for a cortex m0+ once I get more interest in this ;)

I still need to recruit a security researcher to give their stamp of approval and fill in a few blanks. Since the passwords are generated individually using the user as a source of entropy each time, even somehow getting your hands on a dump of the data would not be an issue, as the password is encrypted using the user's PIN. The final algorithm I'll end up using to decrypt the password with the PIN is the last step and arguably the most important. Stay tuned!

Right now i'm only using the Trinket's built in 1KB EEPROM for storing 21 site/user/pass combination entries, but I'm going to be upgrading it to an external I2C EEPROM once I get this proof of concept ready.

I just wrote an implementation of the xxtea "tiny encryption algorithm".
It needs some security patches, but, I think that it's a good starting point.
Take a look: http://git.dzervas.gr/libxxteaIt can be used both as encryption dectryption algorythm but also to provide you some more randomness (apart from the entropy).

Keyboard emulation will be one of the first things I will add after making sure the security of the generated passwords is acceptable for tech folks like us. It is a Trinket Pro after all, so it should be an easy addition.